- From: Brady Eidson <beidson@apple.com>
- Date: Mon, 31 Aug 2009 11:19:47 -0700
On Aug 31, 2009, at 11:12 AM, Jeremy Orlow wrote: > On Mon, Aug 31, 2009 at 11:01 AM, Jens Alfke <snej at google.com> wrote: > > On Aug 31, 2009, at 3:11 AM, Ian Hickson wrote: > > We can't treat cookies and persistent storage differently, because > otherwise we'll expose users to cookie resurrection attacks. > Maintaining > the user's expectations of privacy is critical. > > The fact that local storage can be used as a type of super-cookie > doesn't mean the two are the same thing. Yes, obviously if I give a > website permission to put 50MB of stuff on my disk, it can use 1k of > that as a type of cookie if it wants. That's just one of many > reasons why user agents should require user approval for letting a > domain access local storage. > > That does not mean that the "Delete Cookies" menu command should > also delete local storage. Users often delete cookies to resolve > login issues (I've had to do this with Google websites several > times). Conflating the two can lead to disasters like "I told you to > delete my COOKIES! Not my EMAIL DRAFTS that I was trying to log in > to send!" > > Agreed. > > So I've removed the text that says that local storage could be user- > critical. > > That's going to come as a shock to developers who were planning to > use it for user-created data (whether drafts of content to be pushed > to the cloud, or strictly-local documents.) Without this, the safe > usage of local storage diminishes to a download cache. > > Yes, this is pretty disconcerting since there's been OVERWHELMING > support for LocalStorage being treated as user-critical on this > thread. Thirded. I will state again that I've been told face-to-face by multiple developers: If there is a perception that Flash's LocalStorage is deemed more "user critical" and therefore "safer" than HTML5's LocalStorage, they'll continue to instantiate Flash instead of using the HTML5/WebStorage mechanism. "Supercookies" will continue to exist in the Flash-ether and continue to be hidden from browser-view. /me sheds a tear. ~Brady -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.whatwg.org/pipermail/whatwg-whatwg.org/attachments/20090831/ddd13de5/attachment.htm>
Received on Monday, 31 August 2009 11:19:47 UTC